PBA
Observations
 Growth, projects, busy-ness
– Doing an incredible amount of work
 Great Quality of work
 Concern about being perfect
 Attitudes
– Tight financial times
– Salaries
 No magic solution
Security
– Protecting data/resources through security is important!
– 18,625 attacks per hour, 34% of network traffic
– Layer 7 firewall is blocking 447,000 attacks a day 24 hour period.
– Top 5 concerns of CIOs in higher education
– Second biggest concern is cleaning up old data from
desktops and laptops and protecting them.
– Concern of Board of Trustee’s Audit Committee
– Best practices for a University our size
• Utah Schools
– U
– USU
– Weber
Security
 Need Positions
– Backup to ISO on all Systems such as firewalls,
IDS, IPS, Incident Handling, PCI, etc.
– Desktop security
Positions
 Hourly Plan
Spider scans on desktops
Spider scans of laptops
Vulnerability scans of the network
End user encryption
Desktop audits
Web security tips and how to
 Full time Plan
Backup to ISO on all Systems such as firewalls, IDS, IPS, Incident Handling, PCI, etc.
Malware, McAfee Antivirus, EPO, HIPS
Security awareness training
Integration of EPO , Foundstone and Intrushield products.
Vulnerability assessments, penetration tests and security audits
Windows update server/policies, Desktop Audits, Desktop Encryption,
Backup & Recovery (Disaster Recovery, Business Continuity)
Password Strength, management, and expiration, Manage VPN access and monitor, Manage Web filtering solution,
Deploy and manage a central logging system
Microsoft active directory security , Deploy, manage and maintain all security systems and their corresponding or associated software, including
firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
Investigates complaints of non-compliance as well as any foreseeable internal and external information security risks and reports on noted
irregularities and risks.
Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make
recommendations for resolution.
Security Requests
 IT Security Analysis (Desktop security
specialist) $80,000?
 Hourly money for security $25,000
 Web filter - $75,000 one-time $15,000 on-going
DBA
 Oracle 11g Upgrade
 Oracle masking
 Identity Vault
DBA Requests
 Oracle Tools (Data Masking Pack)
 RAC
 Support Disaster Recovery of Banner etc.
 DBA trainee
OIT
 Accreditation – Standard 5
OIT Priorities for This Year
 Updated Master Plan with New executive team
 ODS/EDW & Webfocus reports/dashboards
 Portfolio/Projects Office
 IT Security, Compliance, Policies
 IT Training, Communications, Metrics
 Disaster Recovery Plan
 Web 2.0 & Cloud Computing Directions
 Academic Computing
– SRIs, data, scheduling, faculty workload, ePortfolio
Other Projects
 R-25 web-based
 Virtual Lab
 Wimba in Portal
 FSAAtlas
 iTunes
 Time/Leave Entry
 SRITS
 Computer Rental Programs
Continued
 GroupWise vs Exchange discussion – plan
– (Also Novell vs Microsoft)
 Wasatch campus
 Alpha shut-off
 Remote Classroom Demo
 Mobile Computing
 Campus-wide sustainable MEC
 GroupWise 8 ?
Requests
 Projects Office (accountability) FTE
 Growth funding (people & systems)
– catch up (extremely thin)
– model for future
– Risk mitigation (new environment & rules)
 Support – apple, mobile, other
 Development vs Maintenance
(Projects vs Services)